Zero-day: Bluetooth gap turns millions of headphones into listening stations
wintermute @ wintermute @discuss.tchncs.de Posts 1Comments 85Joined 2 yr. ago
wintermute @ wintermute @discuss.tchncs.de
Posts
1
Comments
85
Joined
2 yr. ago
I think BLE is only required for the initial compromise (extracting the pairing key). After that the attack can be performed over classic BT, and can impersonate either part (headphones or phone) to the other.
It's still very targeted and sophisticated, so no reason to panic unless you have reasons to think someone with the resources could target you.
Regarding the attacks, they go way beyond eavesdropping calls, since BT headphones usually have access to contacts and smart assistants, that you can use to extract a lot more information